Help

BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.

To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.

To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.

Login Register Subscribe

Risk managers key to managing cyber exposures

Reprints
Risk managers key to managing cyber exposures

Risk managers play an integral role in ensuring that their companies adopt an enterprisewide approach to cyber security, the Federation of European Risk Management Associations told a European Commission consultation on public-private partnerships in cyber security.

In its submission to the European Commission, Brussels-based FERMA said “businesses have difficulties with reaching a basic level of protection, often due to a lack of risk insights and data-driven risk mitigation.”

FERMA said an overview of cyber risks across an organization, including the supply chain, “is critical, especially with the development of the Internet of Things,” going beyond a firm's information technology department, which traditionally addresses cyber concerns.

FERMA said it supports the development of a framework for clarifying cross-border liabilities in cyber incidents; a global set of rules for cyber risk assessment that would safeguard confidentiality in incident disclosure and insurance claims; and the incorporation of cyber risk governance into legislation and the creation of guidance to create an integrated approach to cyber risk from the top to the bottom of a company.

“Cyber threats are now of a systemic nature,” Jo Willaert, chairman of FERMA, said in a statement.

“Businesses, governments and insurers, therefore, need to collaborate. We must act now,” said Mr. Willaert, who is also commissioned corporate risk manager at Agfa-Gevaert N.V. in Mortsel, Belgium.

“The boards of organizations need to understand that cyber risk is not only an IT risk; it is an enterprise risk,” Mr. Willaert said in the statement.

“In that respect, we advocate a central role for the risk management function. Without being an IT specialist, the risk manager provides expert advice to support the board and the CEO,” he added.

“He or she is working hand in hand with the operational units such as IT, legal and internal audit,” he said.

Read Next

  • Malware suspected in Bangladesh bank heist

    (Reuters) — Investigators suspect unknown hackers managed to install malware in the Bangladesh central bank's computer systems and watched, probably for weeks, how to go about withdrawing money from its U.S. account, two bank officials briefed on the matter said on Friday.